Keeping Codapay payroll software secure so your staff can always be paid on time and without disruption is of utmost importance to us.
As a software provider, we’re responsible for a robust cybersecurity plan to protect your data and system from attack, as well as a recovery plan in the very unlikely event of a breach. We understand the vital role payroll plays in ensuring your supply chain stays satisfied, which is why we never cut corners when it comes to keeping our platform secure against cyberattacks.
Your payroll software should always be up and running ready to process payslips instantaneously. We’ve all heard the horror stories of systems being down resulting in workers not being paid, risking rapid turnover and a bruised reputation.
That’s why we’d like to take a few minutes of your time to reassure you of our commitment to the ongoing maintenance of Codapay payroll software.
An overview of our skilled, UK-based team
We bolster our highly skilled teams with talented individuals who are highly experienced in software support and development.
A key to our success is our dedication to hiring UK-based developers and IT experts. As we’re based locally in Manchester, our teams are fully versed in UK temporary staffing industry requirements and compliance best practise. It also ensures we can standardise internal cybersecurity practices as we don’t rely on third-party outsourced teams who may operate to a different standard.
Plus, our senior board team members each have technical backgrounds meaning they understand the importance of safeguarding measures and drive an active approach to maintain security.
Experience no disruption with ongoing maintenance
We can all relate to the frustration of a ‘down for maintenance’ landing page when trying to complete essential tasks.
At Codapay, we apply several security patches and version updates each month, all of which are rolled out automatically at midnight. This means you will always be running the latest – and most secure – version of the system.
You’ll always be able to pay your workers on time without the risk of your system going down on payday. This is especially important in the temporary staffing industry where loyalty is typically lower compared to a typical employment relationship. One bad experience with getting paid can destroy your reputation with contractors – and potentially result in them terminating their contract.
Regular testing to assess vulnerabilities
As part of our Cyber Essentials commitment, our software undergoes regular testing to seek out any vulnerabilities in our software that could lead to malicious attacks. This means we can ensure there are no gaps for hackers to enter and disrupt our service.
As we take a proactive approach to cybersecurity, we actively prevent attacks. However, it’s also important for us to have a reactive plan in place in the very unlikely instance of a breach.
We have a robust data recovery plan in place
In the rare and unlikely case of our system going down, we have servers located across Europe that host backups of Codapay. We backup system data hourly and daily (in full), meaning you would be up and running again in no time with minimal or no data loss.
Sometimes downtime can be completely unprecedented. For example, in 2021 there was a data centre fire in France that wiped out many servers. Fortunately, we’re prepared for any such unlikelihood thanks to our recovery plan which significantly reduces downtime for our clients.
It goes without saying that we monitor our platform in real-time every day and receive immediate notifications if there are any outages. Any urgent platform issues (i.e., anything that prevents you from running payroll) will be booked in as a top priority with our development team.
Plus, if you notice any unusual data in your system (that may suggest a breach), this can be easily investigated as Codapay has a clear audit log to show changes by the system and your staff.
Ensuring cybersecurity certification
We understand it’s difficult to trust a company without independent verification and due diligence. And rightly so – you wouldn’t trust a medical discovery until it has been peer-reviewed by experts in the field. That’s why we take time to attain accreditations and offer reassurance to our clients that we always follow best practise.
We’ve attained the Cyber Essentials certification from IASME, a government-recommended accreditation body. This independent assessment ensures Codapay is following steps to prevent the most common online threats. An added advantage is that doing so often prevents hackers who will instead seek out companies with no security measures in place.
And it doesn’t stop there: we’re continually reviewing further opportunities to boost our security measures. In 2022, we will be laying the foundations for our ISO:27001 accreditation – the gold standard for Information Security Management.
Your cybersecurity hygiene matters too
While you must ensure your software partner upholds a robust cybersecurity plan, some responsibility always rests on the software user.
Funnily enough, many breaches come from mistakes that are simple to prevent. For example:
- Sharing your passwords in unprotected places
- Using the same password for everything
- Not being mindful of who your password is shared with
- Forgetting to change passwords when staff leave the business
- Not training internal staff on common phishing attempts
- Not undertaking cybersecurity courses or external accreditations
External experts can be hired to train staff and distribute information on circulating phishing attacks. However, most common attacks come from poor cybersecurity hygiene as listed above.
Be aware of the latest cybersecurity threats
Most of the common cybersecurity threats aim to misguide you through what can appear quite convincing acts. For example, attackers can cloak as a service provider you use or an employee within your business to harvest login data.
Always take care when receiving an unexpected email or text e.g. an unprompted login request from a software provider or a message from a colleague asking for a password. If you’re unsure, always double-check and get a second opinion first.
If you suspect there’s a fraudulent attempt to access your details, make sure a warning is distributed across the company – an unsuspecting employee might not take the same level of care.
Summary
You can rest assured that Codapay takes a proactive approach to cybersecurity to keep your system safe from attack. This means you don’t have to worry about the threat of not being able to pay your employees on time – a vital duty for any business.
To maintain this level of security, we urge our clients to ensure proper cybersecurity hygiene to prevent internal and external attacks to personal instances.
If you’d like to find out more about our cybersecurity defences, please reach out to your account manager.
